[Pkg-zfsonlinux-devel] Root-on-ZFS on Stretch
Petter Reinholdtsen
pere at hungry.com
Sun May 22 18:11:48 UTC 2016
[Nicolas Braud-Santoni]
> Hi,
>
> First, thanks everybody for the great work in getting ZFS packages in.
And thank you for testing. It is inspiring to see our packages being
used. Perhaps your recipe could go into a howto on the wiki?
> A minor pain-point not mentionned in the install narative: several
> packages (notably, systemd) use POSIX ACLs to grant the `adm` group
> access to logs; POSIX ACLs are AFAIK not yet supported by ZoL.
Oh, did not know that. It is going to be a problem in the future.
Anyone know if this is close to being fixed?
> - `dd if=/dev/zero of=/dev/mapper/vacuum-crypt`
> Zeroing out the encrypted volume results in cryptogarbage in the
> physical drive. That's as good as initialising `/dev/sda2` with
> `/dev/urandom` and much faster. 0xCAFE time again!
What is your basis for the claim that it is as good as initializing with
random data? It seem to me like a sure way to provide a lot of examples
of encrypted data with known plaintext, which seem like a bad idea. At
least I know from the Codebook and the history of breaking the Enigma
that having knowledge about the plantext is very helpful for
codebreakers. :)
--
Happy hacking
Petter Reinholdtsen
More information about the Pkg-zfsonlinux-devel
mailing list